Comments (9)
I just tested how to do it. This could work with https://github.com/axios/axios.
axios({
method: 'get',
responseType: 'blob',
url: filename
})
.then(function (response: { data: string; }) {
log({ returnSnippet: substr }, chalk => chalk.blue(response.data));
})
.catch(function (error: {data: string;}) {
log({ returnSnippet: substr }, chalk => chalk.red(error.data));
});
Would you appreciate a PR and would you review and comment on it in short time?
from embedme.
See #68
or
your repo forked at https://github.com/astridx/embedme
from embedme.
@astridx why have you closed this issue while the PR is still open?
from embedme.
@Edo78 I know it like this, that an issue is closed when a PR is opened. Here it is like this: https://github.com/joomla/joomla-cms/ for example.
Is this wrong?
But by the way: I don't have the feeling that PR is wanted either.
from embedme.
I'm not sure. I always prefer to have a feedback on the issue from the maintainer.
I hope the PR is accepted because it can be really useful even on the very same repository. If I specify a line range and I change the source file the same range could point to a different code but pointing to a specific version can "solve" this issue.
from embedme.
@Edo78 Edo78 I'm not sure. I always prefer to have a feedback on the issue from the maintainer.
Same with me. "I always prefer to have a feedback on the issue from the maintainer". But: Since I needed the function for myself and it was already ready, I created the PR. It is also easier for the maintainer to make a decision when he sees the implementation.
from embedme.
Hi @astridx and @Edo78 , sorry for my silence on this issue, I've been busy with other stuff and forgot about this issue. Unfortunately I do not wish to extend the functionality of this iteration of the tool to include remote file management for a couple of reasons.
The main one being that I see this as both a security and consistency risk, if we had more fine grained permission controls with Node.js like we do with Deno, I'd be all for it, however I don't like the potential risks associated with basically uncontrolled fetching of remote data.
That said, I can certainly understand the desire for such a feature and would be happy to discuss alternative solutions such as a plugin-like architecture where a user needed to explicitly add separate (optional) dependency to allow for remote file resolution?
from embedme.
@zakhenry Thank you for your answer. Is it correct that you see the security issue for the offer at https://www.npmjs.com/?
from embedme.
What's the difference between:
wget
git submodule add
cd ../other/path; git clone foo/bar
then add a relative ref?
And...
4. embedme
fetching remote links
5. including a file from your repo that maybe was copy/pasta'd
from a normally reputable source that happened to be compromised at the time I copy/pasta'd
6. generating an svg
of an asciicast
with a tool that one day becomes compromised π
All seems a matter of where the request happens? And is the responsibility leaked to users or encapsulated in one program that might have a better chance of applying some safety checks (not that it has to) π
from embedme.
Related Issues (20)
- Something Wrong a comment start with // in code block HOT 2
- Consider using node-glob instead of shell expansion HOT 5
- Comments are not detected when CRLF is used instead of LF HOT 4
- Add -w βwatch mode HOT 2
- sql is in the list - but it says it's not support HOT 3
- Add support for haskell
- [Feature Request] Support start and end tags for embedding snippets of code HOT 7
- Request: Support for .ino files (Arduino sketches) HOT 2
- Add contribution guidelines
- [Request] add support for .tsx files HOT 2
- Allow regex parsing of files HOT 1
- Support including snippets of files HOT 3
- When the file trying to embed starts with 2 white spaces it won't embed the content
- Additional supported file type
- allow single lines (#L1 instead of #L1-L1)
- Additional file extension supported: Dockerfile
- Language extension with metadata isn't parsed correctly
- Return error code when file is renamed or moved HOT 2
- No comment detected in first line for block with extension HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from embedme.